[Cyber] DarkSide Ransomware Quick Roundup

F-Secure and Mandiant lay out how the DarkSide malware got in and was activated:

https://www.fireeye.com/blog/threat-research/2021/05/shining-a-light-on-darkside-ransomware-operations.html

Some more context

The intruders, who are part of a cybercrime gang called DarkSide, took nearly 100 gigabytes of data out of the Alpharetta, Georgia-based company’s network in just two hours on Thursday, two people involved in Colonial’s investigation said.

https://www.bloomberg.com/news/articles/2021-05-09/colonial-hackers-stole-data-thursday-ahead-of-pipeline-shutdown

At the end of the week:

[Cyber] Biden issues Executive Order to strengthen nation’s cybersecurity networks

The order specifically calls for:

  • Removing barriers to information sharing between the government and the private sector related to breaches.
  • Modernizing and implementing stronger cybersecurity standards in the federal government. This will help move the government to secure cloud services and a zero-trust architecture and mandates the deployment of multifactor authentication and encryption with a specific timeframe.
  • Improving software supply chain security by establishing baseline security standards for the development of software sold to the government. This will require developers to maintain greater visibility into their software and make security data publicly available.
  • Establishing a cybersecurity safety review board made up of government and private sector leads.
  • Creating a standard playbook for responding to cyber incidents with a set of definitions for cyber incident response by federal departments and agencies.
  • Improving detection of cybersecurity incidents on federal government networks. The EO aims to improve the ability to detect malicious cyber activity on federal networks by enabling a government-wide endpoint detection and response system and improved information sharing.
  • Improving investigative and remediation capabilities through the creation of a cybersecurity event log requirement for federal departments and agencies.

[Cyber] Pirated version leads to ransomware at a research institute

When the student couldn’t find a suitable free version, they searched for a “Crack” version instead. They found what appeared to be one and tried to install it. However, the file was in fact pure malware and the installation attempt immediately triggered a security alert from Windows Defender. The user disabled Windows Defender – and at the same time appears to have also disabled their firewall – and tried again. This time it worked.

However, instead of a cracked copy of the visualization tool they were after, the student got a malicious info-stealer that, once installed, began logging keystrokes, stealing browser, cookie and clipboard data, and more. Somewhere along the way it apparently also found the student’s access credentials for the institute’s network.

MTR in Real Time: Pirates pave way for Ryuk ransomware – Sophos News

Honestly, this could’ve been me 12 years ago when I was in school.

“Catch me if you can” is based on lies

“So Abagnale’s narrative that between the ages of 16 and 20, he was on the run, chased all over the United States and even internationally by the FBI. This is completely fictitious,” Logan said. “Public records obtained by me show that he was confined for the most part in prison during those years.”

Could this famous con man be lying about his story? A new book suggests he is

Crazy New Ideas – Paul Graham

Another reason people dismiss new ideas is that it’s an easy way to seem sophisticated. When a new idea first emerges, it usually seems pretty feeble. It’s a mere hatchling. Received wisdom is a full-grown eagle by comparison. So it’s easy to launch a devastating attack on a new idea, and anyone who does will seem clever to those who don’t understand this asymmetry.

There’s a lot packed into Paul’s writeup. This section stood out because I do feel an attack is fantastic when coupled with selective listening. Don’t dismiss the attack; consume it, process it, filter out the relevant and legitimate feedback, and then refine the idea.

http://paulgraham.com/newideas.html

Difference that VPN & router settings make to Internet speed

Speed test via the speed test app, everything on phone via WiFi:

1. Router 5GHz, Ireland VPN
2. Router 5GHz, no VPN
3. Router 2.4GHz, with VPN

American ingenuity to feel slim #A4waist

After a heavy meal when your jeans don’t close, or you just generally are a 36 waist and want to fit in a 28.

Regards,
Manan Kakkar

Dystopian future of autonomous cars

Imagine a world where all of Volkswagen’s cars are configured to slow down, move to the side and stall when a Bentley is coming through in traffic.

Great for emergency responders whose vehicles are configured to work with smart city sensors, but terrible as a tool for elite classism.

https://twitter.com/_davesullivan/status/710300605319786497

An appropriate response in the encryption debate

Imagine Cook sending this to the senate committee.

Spotted at a restaurant in Carson City, NV.

What $7 of promoted Facebook ad gets you

I spent $7 over a week on Facebook promoting the following article:

https://fussyveg.wordpress.com/2016/02/03/masala-library-delightfully-excusite-plating-of-delicious-indian-food/

My regions were India, US, UK and a few others.

My choice of keywords included vegetarian, food, restaurants, and some more.

The results were underwhelming, to say the least. All interaction was from India, which was very disappointing. Almost as if no one in the West likes Indian food.

Anyhow, here are some metrics from Facebook:

Regards, Manan Kakkar